Method for protecting devices, specially car radios, against theft

ABSTRACT

A method for providing an anti-theft mechanism for devices, in particular for car radios, in that a code which identifies the device must be entered directly into the device in order to activate the device. The code is derived from an item of check information assigned to the device, using an irreversible encryption method.

FIELD OF THE INVENTION

The present invention relates to a method for providing an anti-theftmechanism for devices, in particular for car radios, in which a codethat identifies the device must be entered directly into the device inorder to activate the device.

BACKGROUND INFORMATION

Conventional means of providing car radios with an anti-theft code areknown. For this purpose, a secret code is stored in a memory assigned tothe car radio. This code can be stored, for example, in an internal oran external EEPROM (Electrically Erasable Programmable Read-OnlyMemory). The first time the car radio is activated, or when it isreactivated following an interruption of the power supply for the carradio, the code must be entered directly into the car radio. This can bedone either manually using input keys or using an external code card. Aprocessor unit integrated into the car radio compares the stored secretcode with the entered code and, if the two codes match, enablesunrestricted use of the car radio.

The disadvantage of this method is that the secret code stored in thecar radio can be read relatively easily. Unauthorized reading of thecode enables unauthorized users to gain access to the code and thus toactivate the car radio as well.

SUMMARY OF THE INVENTION

The method according to the present invention features offers theadvantage over the conventional means in that a device provided with ananti-theft mechanism cannot be used without authorization. Because thecode is derived from an item of check information assigned to the deviceusing an irreversible encryption method, the anti-theft code itself isnot stored in the device. This prevents unauthorized persons fromreading this code and from improperly using it to activate the devicewithout authorization. For example, asymmetrical methods, in particularthe RSA (Revest Shamir Edelmann) method, are used as the irreversibleencryption method. The advantage of these methods is that, they offer avery high cryptographic quality, which means that information that hasbeen encrypted by an asymmetrical method can be decrypted only bysystematic trial and error, which involves a great deal of time andcomputing power and is not economically justified by the benefitsgained.

According to an embodiment of the present invention, a public key of theencryption method and the encryption output information (checkinformation), in particular a serial number of the device to beprotected, are stored in a processor or in a memory element assigned tothe processor in the device. Knowledge of this information does notenable an unauthorized user to determine the code for unrestricted useof the to be protected device. Only after the authorized user hasentered the code externally, for example manually or using a code card,is the check information calculated and then compared with the storedcheck information, with the device enabled if the two items of checkinformation match.

According to a another embodiment of the present invention, both thecheck information and a check algorithm are stored in the protecteddevice. This makes it advantageously possible to minimize the amount ofeffort needed for encryption, at the same time maintaining anirreversible encryption method. An irreversible encryption method ofthis type can be provided even without the relatively complicated use ofa complete asymmetrical method by storing a check algorithm for a code,but not the algorithm for generating the code. The check algorithm andthe check information, which can be read out, also make it possible toobtain the algorithm for generating the code, and thus the code itself,only with a great deal of effort.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a first schematic representation of an encryption systemfor a device according to the present invention.

FIG. 2 shows a first schematic representation of a method for activatingan encrypted device according to the present invention.

FIG. 3 shows a second schematic representation of an encryption systemfor a device according to the present invention.

FIG. 4 shows a second schematic representation of a method foractivating a device encrypted according to the present invention.

FIG. 5 shows a third schematic representation of a method for activatinga device encrypted according to the present invention.

DETAILED DESCRIPTION

Based on the embodiments explained below, the description concerns thegeneration and use of an anti-theft code for car radios. However, thismethod can, in principle, be used for all devices in need of protection.

FIG. 1 shows the generation of the code according to the presentinvention. In this case, an asymmetrical encryption algorithm 10 isprovided with an item of check information 12 to which a secret code 14is applied, thus forming a code 16. For example, the serial number ofthe protected device i.e., the serial number of the car radio, forexample, can be used as check information 12. Code 16 is generated fromthis serial number, or a portion of the serial number, for example aselection of any individual digits in the serial number, using secretkey 14 in a protected environment during production of the car radio.Code 16 is supplied with the car radio when it is first shipped from thefactory or when it is intentionally transferred to another party. Thiscan be done, for example, by communicating the code in writing or bysupplying a code card on which code 16 is stored.

The car radio itself contains a processor unit in which checkinformation 12 in the form of invariable information and a public key 18of asymmetrical encryption method 10 are stored.

Car radio 20 indicated in FIG. 2 contains public key 18 and checkinformation 12, but not code 16, which is needed to activate orreactivate car radio 20. To activate or reactivate car radio 20 in anauthorized manner, the authorized user enters code 16 into the processorof car radio 20. This can be done, for example, by entering code 16,which was communicated in writing, using a key or by inserting a codecard. Asymmetrical encryption method 10 determines a calculated item ofcheck information 12′ on the basis of entered code 16 and public key 18.Check information 12′ is compared with invariable stored checkinformation 12 in a comparator 22. If comparator 22 finds a matchbetween check information 12 and calculated check information 12′, carradio 20 is enabled for unlimited user 24.

It is apparent that, upon the theft of car radio 20, public key 18 ofasymmetrical encryption method 10, to which anyone can gain access inany case, and the check information, for example the serial number,which is also generally accessible, are available, while code 16 fordetermining calculated check information 12′ remains inaccessible. Inaddition, code 16 cannot be determined on the basis of public key 18 ofasymmetrical encryption method 10.

It is also perfectly apparent that car radio 20 cannot be activated orreactivated without knowledge of code 16.

Because the irreversible asymmetrical encryption method described on thebasis of FIGS. 1 and 2 involves an amount of effort that is notjustified by the economic benefit gained for certain groups of protecteddevices a simplified irreversible encryption method is described on thebasis of FIGS. 3 and 4.

As illustrated in FIG. 1, check information 12, for example the serialnumber of the car radio, is supplied to an encryption method 10′. Ageneration algorithm 26 is used to derive code 16 from the checkinformation. Code 16 is then supplied with the car radio either inwriting or in the form of a code card.

As shown in FIG. 4, car radio 20 is activated or reactivated by enteringcode 16 into car radio 20. Encryption method 10′ applies a checkalgorithm 28 and check information 12 to code 16. Check algorithm 28checks code 16 to see whether the latter can be associated with checkinformation 12. If check algorithm 28 determines that code 16 belongs tocar radio 20 containing check information 12, it enables car radio 20for unrestricted use 24.

The irreversible encryption method explained on the basis of FIGS. 3 and4 is also characterized in that car radio 20 contains neither code 16nor algorithm 26 for generating code 16. It includes only checkinformation 12 and check algorithm 28, which does not provide directaccess to code 16 even if it is output by an unauthorized person. Onlyafter completing a complicated analysis of check algorithm 28 is itpossible to gain access to algorithm 26 for generating code 16. As aresult, even this simplified irreversible encryption method provides ananti-theft mechanism for car radios 20 or other devices in need ofprotection.

Depending on the level of protection required by the protected devices,it is possible to select either the more complicated asymmetricalencryption method described according to FIGS. 1 and 2 or the simplerpseudo-asymmetrical encryption method described according to FIGS. 3 and4.

FIG. 5 shows a method for activating a device encrypted according to thepresent invention in which code 16 and check algorithm 28 are suppliedto encryption method 10′, which generates check information 12′ fromthem. Check algorithm 28 and check information 12 are both stored in carradio 20. Comparator 22 compares check information 12′ to checkinformation 12 in the car radio and; if the two items of informationmatch, enables the car radio for unrestricted use 24.

1. A method for preventing an unauthorized use of a device, comprising the steps of: generating a code from a first item of check information using an irreversible encryption method; assigning the code to the device, the code being entered directly into the device to activate the device; storing the first item of check information in the device for authorization purposes; generating a second item of check information from the code using the irreversible encryption method; comparing the first item of check information with the second item of check information; and storing a check algorithm for the code and the second items of check information in the device.
 2. The method according to claim 1, wherein the device is a car radio.
 3. The method according to claim 1, wherein the irreversible encryption method includes asymmetrical encryption methods.
 4. The method according to claim 1, wherein the irreversible encryption method is a Revest Shamir Edelmann method.
 5. The method according to claim 1, wherein the code is generated in a secure location using a secret key.
 6. The method according to claim 1, further comprising the step of: storing a public key for the code in the device.
 7. The method according to claim 8, wherein the check information is one of a serial number of the device and a portion of the serial number of the device.
 8. A method for preventing an unauthorized use of a device, comprising the steps of: causing an irreversible encryption method to apply a generation algorithm to an item of check information to generate a code; assigning the code to the device, the code being entered directly into the device to activate the device; storing a check algorithm for the code and the item of check information in the device; causing the irreversible encryption method to apply the check algorithm and the item of check information to the code; and causing the check algorithm to check the code to determine whether the code is associated with the item of check information.
 9. A method for preventing an unauthorized use of a device, comprising the steps of: generating a code from a first item of check information using an irreversible encryption method; assigning the code to the device, the code being entered directly into the device to activate the device; storing the first item of check information in the device for authorization purposes; generating a second item of check information from the code using the irreversible encryption method; and comparing the first item of check information with the second item of check information. 